Skip to main content
Skip table of contents

Data Sharing profiles (API)

Data Sharing parameters

Use these parameters in the JSON structure when you apply the Data Sharing policy to the app with app-market/policy.

Copy Paste

ParameterDescription
copyBlocked

String (not int)

1: Prohibit user from copying data in the protected app into another app.

0: Allow user to copy data in the protected app. (Default)

pasteBlocked

String (not int)

1: Prohibit user from pasting data into the protected app from another app.

0: Allow user to paste data into the protected app. (Default)

Drag and Drop

ParameterDescription
dragBlocked

String (not int)

1: Prohibit user from copying data by dragging in the protected app into another app.

0: Allow user to copy data by dragging in the protected app. (Default)

dropBlocked

String (not int)

1: Prohibit user from pasting data by dropping into the protected app from another app.

0: Allow user to paste data by dropping into the protected app. (Default)

Privacy screen

ParameterDescription
privacyScreen

1: Hide app screen images from app switcher (iOS and Android), and block screenshots and screen sharing (Android).

0: The app's contents are not hidden or blocked in these contexts. (Default)

Grouped apps

ParameterDescription
share_map_data

1: Enable app to share credentials and encryption keys and to copy/paste with other grouped apps.

0: Disable app from sharing credentials and encryption keys with other apps. (Default)

Preferred apps

ParameterDescription
webLinksBehavior

Control if and how web links open. Possible values:

  • allowCompass: Web links (HTTP and HTTPS) open only in Compass.
  • blockWebLinks: Web links don't open at all.
  • useSystemDefaults: Web links follow the device's default behavior. For example, there might be a default browser for the device, or the device may present the user with a choice of all browser apps.
externalAppIDs

Approved app list: To open data (link or content) in a trusted app, this app list specifies which apps are explicitly trusted on Android and iOS. These trusted apps don't necessarily have to be secured with Blue Cedar.

Value: Array of Android and iOS app IDs.

Block all external apps: To block data sharing with all external apps, set externalAppIDs to an empty array. This means that the protected app cannot launch external apps to handle files and web links. Custom schemes (for example, social media sharing) are not blocked.

Data Sharing API resources

To manage Data Sharing profiles, use these resources:

  • profile Use type="data_sharing" to create a Data Sharing profile. See example below.
  • profile/catalog/{policytype} Use "data_sharing" for "{policytype}". GET returns an array of details for all policy profiles of the specified type.
  • profile/{GUID} Use the profile ID to specify a policy profile. GET returns details for the specified profile, PUT updates the details in the specified profile, and DELETE archives the profile.
  • settings/data-sharing-default-profile (settings/{policytype}-default-profile ):  POST sets one of the Data Sharing profiles as the default. GET returns the GUID of the current default profile. DELETE archives the current default.

To retrieve details for the policy:

  • app-policy/{GUID} Use the policy ID to specify a policy. GET returns details for the specified policy.
  • app-policy/code/{code} Use POLICY_CODE_DATA_SHARING to specify the policy. GET returns details for the specified policy.

To secure apps with the Data Sharing policy, use these resources:

Creating a Data Sharing profile

Request:

This example creates a Data Sharing profile with the  profile  API, specifying all options.

Request

BASH
curl -k -v -L -b c.txt -c c.txt -X POST https://bc.qwe.com:443/mocana-app-control/rest/profile \
  -F name="TestProfile" \
  -F type="data_sharing" \
  -F desc="Default Profile" \
  -F data="{\"copyBlocked\":\"1\",\"pasteBlocked\":\"1\",
     \"share_map_data\":\"1\",
     \"privacyScreen\":\"1\",
     \"webLinksBehavior\":\"allowCompass\",
     \"externalAppIDs\":{
       \"android\":[\"com.box.android\",\"com.linkedin.android\"],
       \"ios\":[\"com.yourcompany.CopyPasteTile\"]}}"


Response:

Notice that the Compass app IDs appear in the externalAppIDs array. (Android: com.mocana.keybrowser, iOS: com.mocana.Compass.) Setting webLinksBehavior to allowCompass adds appropriate urlMappingRules and adds Compass to the app list.

Note: Setting webLinksBehavior to one of the valid values adds "urlMappingRules" to the Data Sharing profile. Although you use webLinksBehavior to set these values, responses and profiles show the urlMappingRules. You should not configure urlMappingRules directly.

Response

JS
{"message": "",
 "profiles": {
   "data": {
     "profile_data": 
       "{\"urlMappingRules\":[{\"target\":\"maphttp\",\"action\":\"rewriteScheme\",\"from\":\"http\"},
                              {\"target\":\"maphttps\",\"action\":\"rewriteScheme\",\"from\":\"https\"}],
         \"pasteBlocked\":\"1\",\"copyBlocked\":\"1\",
         \"share_map_data\":\"1\",
         \"privacyScreen\":\"1\",
         \"externalAppIDs\":{\"android\":[\"com.box.android\",\"com.linkedin.android\",\"com.mocana.keybrowser\"],
                             \"ios\":[\"com.mocana.Compass\",\"com.yourcompany.CopyPasteTile\"]}}",
     "profile_data_id": "57bcd729-94b3-4b1e-b9e3-799d58259394",
     "profile_data_stamp": "2016-08-19 15:17:17.0"
     },
   "profile_desc": "Default Profile",
   "profile_id": "223302a1-add2-4bd9-8225-901ff24e697f",
   "profile_name": "TestProfile",
   "profile_type": "data_sharing",
   "profile_url": "https://bc.qwe.com:443/mocana-app-control/rest/profile/223302a1-add2-4bd9-8225-901ff24e697f"
   },
 "status": "OK"
}

Request:

This example creates a Data Sharing profile that allows apps to share credentials and encryption keys (grouped apps), but denies apps from sharing app data (preferred apps) and copying and pasting.

Request

BASH
curl -k -v -L -b c.txt -c c.txt -X POST https://bc.qwe.com:443/mocana-app-control/rest/profile \
  -F name="TestProfile" \
  -F type="data_sharing" \
  -F desc="Default Profile" \
  -F data="{\"copyBlocked\":\"1\",\"pasteBlocked\":\"1\",
     \"share_map_data\":\"1\",
     \"externalAppIDs\":\"{}\"}\"

Response

JS
{"message": "",
 "profiles": {
   "data": {
     "profile_data": 
       "{"urlMappingRules":[],
         "pasteBlocked":"1","copyBlocked":"1",
         "privacyScreen":"1",
         "share_map_data":"1",
         "externalAppIDs":{}},
     "profile_data_id": "57bcd729-94b3-4b1e-b9e3-799d58259394",
     "profile_data_stamp": "2016-08-19 15:17:17.0"
     },
   "profile_desc": "Default Profile",
   "profile_id": "223302a1-add2-4bd9-8225-901ff24e697f",
   "profile_name": "TestProfile",
   "profile_type": "data_sharing",
   "profile_url": "https://bc.qwe.com:443/mocana-app-control/rest/profile/223302a1-add2-4bd9-8225-901ff24e697f"
   },
 "status": "OK"
}
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.